Issue
I have a WordPress website that uses WooCommerce for the management of the store. I have created a Django application that has to communicate with WooCommerce, in order to be aware of the following actions:
- user creation
- user update
- user delete
- new subscription purchase
- subscription renewal
- subscription expiration
- product purchase (I also sell physical products)
Whenever a new client is created in WooCommerce, I want to create a new user in the Django app, and update/delete it accordingly when the status in WooCommerce changes.
Whenever a product is purchased in WooCommerce, it should be seen in the Django app. The same goes for subscriptions.
I managed to read the POST requests WooCommerce issues for the user-related actions, with the help of Postman, but the format is different from the format accepted by the Django app, and I don't really know how to adapt the views in order to be able to use the information supplied
I configured token-based authentication in Django and generated a token, which I then configured in WooCommerce but it does not seem to use it as in the WooCommerce logs the response is:
[Body] => {"detail":"Authentication credentials were not provided."}
I am really new to both Django Rest Framework and WooCommerce webhooks so I have no idea what other information to include here. I will wait for input regarding this.
Please help me with some guidance as to how to do this integration. Thank you in advance!
Solution
I came across this problem this week and found that the vague documentation around that stuff is not so helpful.
WooCommerce WebHooks uses HMAC-SHA256 authentication and creating a hash with the secret key and the message body.
you can check it with something like that (the secret key is the same one that you put in Woo WebHook in the Secret field):
import base64
import hashlib
import hmac
request_sig = request.headers.get("x-wc-webhook-signature")
signature = hmac.new(<your_secret_key>.encode(), request.payload, hashlib.sha256).digest()
if hmac.compare_digest(
request_sig.encode(), base64.b64encode(signature)
):
return True
return False
You can subclass the BaseAuthentication
from DRF and put that in there and use that class as authentication_classes
in your view.
Answered By - Kobi Dadon
0 comments:
Post a Comment
Note: Only a member of this blog may post a comment.